Following that train of thought, your PDF could produce DIY PuiKash or, the analogy I prefer, traveller cheques. Writing the password on the cheque is equivalent to activating or signing it anonymously.

No sure i'm following you, you mean some kind of printable cheque which you then sign?

e.g. If you add just a bitcoin address to your wallet if with be labeled like this:

So you will be able to see transactions, balances, etc. But when you try and send funds from that address you will be prompted to enter the private key. Before you enter the private key you can unplug your internet and instead of relaying the transaction immediately it will output a string which you can copy and paste into http://bitsend.rowit.co.uk/ when your ready to send it.

Following that train of thought, your PDF could produce DIY PuiKash or, the analogy I prefer, traveller cheques. Writing the password on the cheque is equivalent to activating or signing it anonymously.

No sure i'm following you, you mean some kind of printable cheque which you then sign?

I mentioning this as a matter of style. I have not yet seen your PDF, but it could look like a cheque or certificate with your brand ("In Puik we Trust"), rather than just an archival artifact. I am suggesting that users could generate a one time wallet simply to create fixed denomination cheques. Each cheque presumably contains a unique encrypted wallet. You can give the cheque to someone and they would need the passphrase to decrypt and transfer the funds. The passphrase is thus the activation 'signature'.

it is odd to go to a site named BlockChain.info for managing my hybrid javascript wallet. and then this thread gets polluted with wallet-related topics. wouldn't it be a better idea to separate the two?

I will be integrating the wallet into the site (nothing too intrusive). Fro example when you visit a address page you will be able to click 'Add to my Wallet' and have the address added in public key only mode. + I can't be bothered to setup a new domain

ok. the other request is for translations. this site -- particularly with the javascript wallet, is just as useful to those who read german, spanish, japanese, etc.

the question i had though is what happens when i want to access from a different computer but don't have a link to the wallet url? isn't there a way i can give an alias so that i don't need to keep the wallet identifier?

Good idea, but people would likely pick aliases which are easy to guess e.g. 'my-wallet' which would then exposed your encrypted wallet data. What do you think about an alias with a security question something like simple like 'What is your date of birth?'.

that would work. i'm not sure why there's a concern though to require date of birth or other filter -- if it is encrypted the password i used to encrypt it is still required, right?

I mentioning this as a matter of style. I have not yet seen your PDF, but it could look like a cheque or certificate with your brand ("In Puik we Trust"), rather than just an archival artifact. I am suggesting that users could generate a one time wallet simply to create fixed denomination cheques. Each cheque presumably contains a unique encrypted wallet. You can give the cheque to someone and they would need the passphrase to decrypt and transfer the funds. The passphrase is thus the activation 'signature'.

Interesting idea, it could done fairly easily. But to redeem the cheque you would have to type in the private key by hand and the private key address would need to have the exact balance of the cheque.

So that I can generate a private key offline, create offline transactions, but send the public address to your server for balance tracking?

Yeah exactly. I've implemented kinda sorta offline mode now you can generate a transaction offline after you have gotten the unspent outputs from the server. So at the point at which you need to enter the private key you can go offline. You'll see something like this.

A general use case:

You have a 'current' account where you keep a limited amount of coins to do whatever it is you do with bitcoins. Then a 'savings' account which you keep the majority of you holdings. For the current account you keep both the bitcoin address and private key in the wallet, so you can send and receive transactions quickly. But with the savings account you keep only the bitcoin address and have a paper backup of the private key. So you can see the transactions and balances of both accounts but there is absolutely now way your savings account private key can leak.

To move money from the savings account to the current account you would create an offline transaction, typing in the private key by hand. That way the private key touches only your browser for a few seconds and it not transmitted over the internet, even in encrypted form.

ok. the other request is for translations. this site -- particularly with the javascript wallet, is just as useful to those who read german, spanish, japanese, etc.

that would work. i'm not sure why there's a concern though to require date of birth or other filter -- if it is encrypted the password i used to encrypt it is still required, right?

Posted as i was replying

I am not bilingual so can't help much here. If anyone wants to volunteer then great.

The fear is that someone with the encrypted wallet might be able to brute force it, I think your right is not too much of a concern. I upped the minimum password length to 10 characters and implemented it anyway.

Your innovations/implementations are fantastic. While I hope for your sake that you can monetize this somehow. I also hope others will follow in your footsteps. I would like to see the data formats and interfaces all standardized.

Don't you use QR codes in the PDF? I'd think the 3-7K capacity of a version 40 QR (left) is more than enough for a single key wallet.

I still don't understand offline transactions. I don't understand why they aren't already common, why they are difficult to implement, and how then you are able to do them (there is something fundamental about outputs that I don't understand, but I don't know what I don't know/understand).

The offline wallet is brilliant. But beyond a proof of concept, I don't think I would use them unless I could download a zip (html, js), pull the plug and only then generate keys. Its a position born from misunderstanding and distrust.

When a private key (and most definitely a public key) is input, I think you can safely guess the encoding. I estimate there is one in ten trillion chance of confusing an honestly generated hex with base58 and the checksum and length should be unambiguous.

@Finway: I'd think a green address would be problematic as Puik's site does not provide accounts, but facilitates YOUR wallets. There would be no single trusted green address to send from, unless you entrusted your bitcoins to a single wallet managed by Puik. He's already emphasised having no access to your wallet (it's stored encrypted on his site and decrypted locally on your machine).

@Finway: I'd think a green address would be problematic as Puik's site does not provide accounts, but facilitates YOUR wallets. There would be no single trusted green address to send from, unless you entrusted your bitcoins to a single wallet managed by Puik. He's already emphasised having no access to your wallet (it's stored encrypted on his site and decrypted locally on your machine).

Thank you for your elaboration, encryption before storage is even better!

For the wallet Lastpass doesn't seem to recognize the password field, I have to manually enter my wallet password everytime. Is there a way to change this? I like lastpass because it generates 32 key random passwords for each separate site I visit, I don't want to have to remember/store a complicated password to login to this.

For the wallet Lastpass doesn't seem to recognize the password field, I have to manually enter my wallet password everytime. Is there a way to change this? I like lastpass because it generates 32 key random passwords for each separate site I visit, I don't want to have to remember/store a complicated password to login to this.

I would assume this is because there is no data POSTed to the server, if Lastpass is listening for POSTs, it won't find any. All decryption is done on the client side.

Your innovations/implementations are fantastic. While I hope for your sake that you can monetize this somehow. I also hope others will follow in your footsteps. I would like to see the data formats and interfaces all standardised.

Thank you for your support netrin. It would be nice if this was profitable but it's not a priority at the moment. Others are welcome to you my api's if they want to implement a similar service.

I still don't understand offline transactions. I don't understand why they aren't already common, why they are difficult to implement, and how then you are able to do them (there is something fundamental about outputs that I don't understand, but I don't know what I don't know/understand).

They are not difficult to implement, the only problem is knowing which outputs to send without an internet connection or access to the blockchain. You can cache a list of unspent outputs but the longer you keep the list the more likely the state of the outputs will change cause your transaction to be rejected. Then you have to submit the transaction to the network offline, again not hard to implement, just a bit cumbersome.

The offline wallet is brilliant. But beyond a proof of concept, I don't think I would use them unless I could download a zip (html, js), pull the plug and only then generate keys. Its a position born from misunderstanding and distrust.

I think this can be done, I have an idea.

Finway, as netrin explained explained the green address technique cannot be used for this wallet.

Terrytibbs, I add the css you suggested but it didn't seem to help the browser seems to be ignoring it.

racerguy, don't think I can help with that won't, probably won't work as there is no form submitted.

I still don't understand offline transactions. I don't understand why they aren't already common, why they are difficult to implement, and how then you are able to do them (there is something fundamental about outputs that I don't understand, but I don't know what I don't know/understand).

They are not difficult to implement, the only problem is knowing which outputs to send without an internet connection or access to the blockchain. You can cache a list of unspent outputs but the longer you keep the list the more likely the state of the outputs will change cause your transaction to be rejected. Then you have to submit the transaction to the network offline, again not hard to implement, just a bit cumbersome.

Could you explain outputs or provide a link? The wiki Transactions doesn't cut it for me. To me, when I send bitcoins, I collect a bunch of addresses, add up their balance, and using each address, sign the fact that I am redirecting their total balance to a new set of addresses. The 'output' is just the amounts, the destination addresses, the same tiny script 99% of all transactions use, all wrapped in my address signatures. As long as I know my address balances have not changed, what state change could have happened? My understanding of 'output' must be horribly naive.

Is it possible to take a minimal wallet and encrypt it with the recipient's public address and send it to the recipient side channel? In theory, couldn't the recipient use the associated private key to decrypt it? (Are elliptic keys reversible in the same way as RSA?) If this were common, wouldn't bitcoin truly be anonymous, every transaction plausibly deniable?